1. Field of the Invention
This invention relates generally to asset security, more specifically, to assessing security risks based on a combination of a rule based system and reputation metrics.
2. Description of the Related Art
When a subject (e.g., person, software, etc.) becomes a suspected security risk, enterprises may need to immediately suspend access of the suspected subject to controlled resources. These resources may be physical (e.g., buildings, vehicles, machinery, weapons, etc.) or virtual (e.g., web services, applications, etc.). A subject may become a suspected security risk for any number of reasons that may be assessed through the reputation of the subject. The following examples show cases where the reputation of the subject may be built and then used to determine whether the subject is a suspected security risk:                If a subject is a known security risk, that subject's affiliates may become suspect. If the consequences are grave enough and the subject's security risks are high enough, the subject's affiliates or associates may immediately become suspect.        Based the feedback of a peer A, subject's trust may need immediate re-evaluation.        A subject may become a security risk if the subject's skill level in an area becomes diminished (e.g., subject is intoxicated).        
The current solution is for a superior to evaluate each subject and to deny access based on a personal decision. This control does not happen instantaneously, is based on the superior's biases, and requires the superior to have access to a control system.
Therefore, there exists a need for a solution that solves at least one of the deficiencies of the related art.